<?php

/*

Buying an Item (usershop.pro.php)

*/
ob_start();
include "global.inc.php";

$find_owner = fetch("SELECT id,username,rank FROM members2 WHERE username = '$user' AND game = '$game'");

if ($find_owner[rank] == 0)
{
	die(header(error("usershop.php?game=$game&user=$user", "This user has been suspended.")));
}

$findItemInShop = fetch("SELECT id,stock,price FROM usershops_items2 WHERE owner = '$find_owner[id]' AND id = '$id' AND price = '$price' AND game = '$game'");

	// Start Check

	$checking = "usershops";
	$limit1 = 10;
	$limit = $timestamp - $limit1;

	$findCheck = fetch("SELECT * FROM checking2 WHERE userid = '$userid' AND check_what = '$checking' AND timestamp > '$limit' AND game = '$game'");

	if ($findCheck[id])
	{
		die("$openHTML<p>You can only purchase items from the usershops every $limit1 seconds. <a href=$base_url/usershop.php?game=$game&user=$user>Back</a></p>$closeHTML");
	}

	if (!$findCheck[id])
	{
		mysql_query("DELETE FROM checking2 WHERE userid = '$userid' AND check_what = '$checking' AND game = '$game'");
		mysql_query("INSERT INTO checking2 (userid,check_what,timestamp,game) VALUES ('$userid','$checking','$timestamp','$game')");
	}

	// End Check

if (!$findItemInShop[id])
{
	die(header(error("usershop.php?game=$game&user=$user","That item does not exist in this shop.")));
}

if ($findItemInShop[price] >= 200000)
{
	die(header(error("usershop.php?game=$game&user=$user","Sorry, only items less than 200,000 $pointsVar can be purchased.")));
}

if ($findItemInShop[price] > $points)
{
	die(header(error("usershop.php?game=$game&user=$user","You do not have enough $pointsVar for that item.")));
}

points($game,"$username", "-$findItemInShop[price]");
points($game,"$find_owner[username]", "$findItemInShop[price]");

mysql_query("UPDATE usershops_items2 SET stock=$findItemInShop[stock]-1 WHERE owner = '$find_owner[id]' AND id = '$id' AND game = '$game'");

$findItemInShop = fetch("SELECT stock,item_id FROM usershops_items2 WHERE owner = '$find_owner[id]' AND id = '$id' AND game = '$game'");

if ($findItemInShop[stock] <= 0)
{
	mysql_query("DELETE FROM usershops_items2 WHERE owner = '$find_owner[id]' AND id = '$id' AND game = '$game'");
}

$findItem = fetch("SELECT parts FROM items2 WHERE id = '$findItemInShop[item_id]' AND game = '$game'");

mysql_query("INSERT INTO usersitems2 (owner,item_id,parts_left,game) VALUES ('$userid','$findItemInShop[item_id]','$findItem[parts]','$game')");

mysql_query("INSERT INTO sales_logs2 (bought_from,bought_by,bought_item,bought_price,game) VALUES ('$find_owner[id]','$userid','$findItemInShop[item_id]','$price','$game')");

die(header(error("usershop.php?game=$game&user=$user","Your item has been purchased!")));
?>